use of io.gravitee.am.identityprovider.api.Authentication in project gravitee-access-management by gravitee-io.
the class UserAuthenticationServiceTest method shouldLoadPreAuthenticatedUser_subjectRequest_enhance_defer.
/**
 * Pre-authenticated lookup where the identity provider has no matching account.
 *
 * <p>The user is found by id through {@code userService}, the stubbed provider completes empty
 * for both lookup variants, and {@code userService.enhance} is stubbed to hand back the stored
 * user. The test expects that stored user to be emitted and the stream to complete.
 */
@Test
public void shouldLoadPreAuthenticatedUser_subjectRequest_enhance_defer() {
    // Stored account: random id, fixed username, explicitly flagged as not locked.
    final String userId = UUID.randomUUID().toString();
    final User existingUser = new User();
    existingUser.setId(userId);
    existingUser.setUsername("username");
    existingUser.setAccountNonLocked(true);

    var request = mock(Request.class);

    // Identity provider that knows nothing about the subject, whichever lookup is used.
    final AuthenticationProvider emptyProvider = new AuthenticationProvider() {
        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.empty();
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    };

    when(userService.findById(userId)).thenReturn(Maybe.just(existingUser));
    when(identityProviderManager.get(any())).thenReturn(Maybe.just(emptyProvider));
    when(userService.enhance(existingUser)).thenReturn(Single.just(existingUser));

    TestObserver<User> testObserver =
            userAuthenticationService.loadPreAuthenticatedUser(userId, request).test();

    // Block until the stream terminates so the assertions below cannot race the pipeline.
    testObserver.awaitTerminalEvent();
    testObserver.assertComplete();
    testObserver.assertValue(loaded -> loaded.equals(existingUser));
}
use of io.gravitee.am.identityprovider.api.Authentication in project gravitee-access-management by gravitee-io.
the class UserAuthProviderImpl method authenticate.
/**
 * Authenticates an end user from the username and password carried in {@code authInfo}.
 *
 * <p>The client named in {@code authInfo} is resolved first. If that lookup fails, the cause is
 * logged and passed to {@code handler} as a failed future, and no credential check is attempted.
 * Otherwise an {@code EndUserAuthentication} is built around the current HTTP request, the
 * ip address, user agent and client domain are attached to its context, and the outcome of
 * {@code userAuthenticationManager.authenticate} is relayed to {@code handler}.
 *
 * @param context routing context whose request is wrapped into the authentication context
 * @param authInfo JSON object holding username, password, client id, ip address and user agent
 * @param handler receives the wrapped user on success, or the failure cause
 */
@Override
public void authenticate(RoutingContext context, JsonObject authInfo, Handler<AsyncResult<User>> handler) {
    final String username = authInfo.getString(USERNAME_PARAMETER);
    // The password is only handed to EndUserAuthentication below; keep it out of log
    // statements and out of the context attributes.
    final String password = authInfo.getString(PASSWORD_PARAMETER);
    final String clientId = authInfo.getString(Parameters.CLIENT_ID);
    // NOTE(review): ip_address and user_agent are copied exactly as found in authInfo;
    // presumably they originate from the HTTP request, so treat them as client-influenced
    // wherever they feed audit records or risk decisions (confirm against the caller).
    final String ipAddress = authInfo.getString(Claims.ip_address);
    final String userAgent = authInfo.getString(Claims.user_agent);

    parseClient(clientId, clientLookup -> {
        if (clientLookup.failed()) {
            final Throwable lookupError = clientLookup.cause();
            // NOTE(review): clientId is concatenated into the log line unmodified. If it can
            // come from a request parameter, neutralise CR/LF before logging or rely on an
            // encoding log layout (confirm where authInfo is populated).
            logger.error("Authentication failure: unable to retrieve client " + clientId, lookupError);
            handler.handle(Future.failedFuture(lookupError));
            return;
        }

        // The resolved client (application) scopes the authentication.
        final Client client = clientLookup.result();

        // Build the end-user authentication around the underlying HTTP request.
        final SimpleAuthenticationContext authenticationContext =
                new SimpleAuthenticationContext(new VertxHttpServerRequest(context.request().getDelegate()));
        final Authentication authentication =
                new EndUserAuthentication(username, password, authenticationContext);

        // Attributes are attached after construction; the authentication holds the same context.
        authenticationContext.set(Claims.ip_address, ipAddress);
        authenticationContext.set(Claims.user_agent, userAgent);
        authenticationContext.set(Claims.domain, client.getDomain());

        // NOTE(review): the failure is forwarded to the handler as-is; whatever renders it to
        // the end user should not reveal whether the username or the password was wrong.
        userAuthenticationManager.authenticate(client, authentication)
                .subscribe(
                        authenticated -> handler.handle(Future.succeededFuture(
                                new io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User(authenticated))),
                        failure -> handler.handle(Future.failedFuture(failure)));
    });
}
use of io.gravitee.am.identityprovider.api.Authentication in project gravitee-access-management by gravitee-io.
the class UserAuthenticationManagerTest method shouldAuthenticateUser_singleIdentityProvider.
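/**
 * Successful authentication of a client that is configured with a single identity provider.
 *
 * <p>The stubbed provider accepts any {@code Authentication} and returns a user named
 * {@code "username"}, and the password-expiry check is stubbed to {@code false}. The test expects
 * that user to be emitted and exactly one {@code AuthenticationEvent.SUCCESS} to be published.
 */
@Test
public void shouldAuthenticateUser_singleIdentityProvider() {
    Client client = new Client();
    client.setClientId("client-id");
    client.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1"));

    IdentityProvider identityProvider = new IdentityProvider();
    identityProvider.setId("idp-1");

    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(identityProvider);
    // Password is reported as not expired, so expiry cannot block the login here.
    when(passwordService.checkAccountPasswordExpiry(any(), any(), any())).thenReturn(false);
    // connect() maps the identity-provider user onto a domain user with the same username.
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User idpUser = invocation.getArgument(0);
        User user = new User();
        user.setUsername(idpUser.getUsername());
        return Single.just(user);
    });
    // The provider succeeds for any Authentication; credentials are not inspected by this stub.
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(new AuthenticationProvider() {
        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    }));

    // Minimal Authentication: principal only, no credentials and no context.
    TestObserver<User> observer = userAuthenticationManager.authenticate(client, new Authentication() {
        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    }).test();

    // Wait for termination before asserting, as the password-expiry test of this class does;
    // otherwise the assertions can run before an asynchronous pipeline has finished.
    observer.awaitTerminalEvent();
    observer.assertNoErrors();
    observer.assertComplete();
    observer.assertValue(user -> user.getUsername().equals("username"));
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.SUCCESS), any());
}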
use of io.gravitee.am.identityprovider.api.Authentication in project gravitee-access-management by gravitee-io.
the class UserAuthenticationManagerTest method shouldAuthenticateUser_multipleIdentityProvider.
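/**
 * Authentication falls through to the second identity provider when the first one rejects.
 *
 * <p>{@code idp-1} throws {@code BadCredentialsException} directly from
 * {@code loadUserByUsername}, {@code idp-2} returns a user named {@code "username"}. The test
 * expects that user to be emitted and exactly one {@code AuthenticationEvent.SUCCESS} to be
 * published.
 */
@Test
public void shouldAuthenticateUser_multipleIdentityProvider() {
    Client client = new Client();
    client.setClientId("client-id");
    client.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1", "idp-2"));

    IdentityProvider identityProvider = new IdentityProvider();
    identityProvider.setId("idp-1");
    IdentityProvider identityProvider2 = new IdentityProvider();
    identityProvider2.setId("idp-2");

    // Password is reported as not expired, so expiry cannot block the login here.
    when(passwordService.checkAccountPasswordExpiry(any(), any(), any())).thenReturn(false);
    // connect() maps the identity-provider user onto a domain user with the same username.
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User idpUser = invocation.getArgument(0);
        User user = new User();
        user.setUsername(idpUser.getUsername());
        return Single.just(user);
    });

    // First provider: rejects the credentials by throwing rather than emitting an error signal.
    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(identityProvider);
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(new AuthenticationProvider() {
        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            throw new BadCredentialsException();
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    }));

    // Second provider: accepts any Authentication.
    when(identityProviderManager.getIdentityProvider("idp-2")).thenReturn(identityProvider2);
    when(identityProviderManager.get("idp-2")).thenReturn(Maybe.just(new AuthenticationProvider() {
        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    }));

    // Minimal Authentication: principal only, no credentials and no context.
    TestObserver<User> observer = userAuthenticationManager.authenticate(client, new Authentication() {
        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    }).test();

    // Wait for termination before asserting, as the password-expiry test of this class does;
    // otherwise the assertions can run before an asynchronous pipeline has finished.
    observer.awaitTerminalEvent();
    observer.assertNoErrors();
    observer.assertComplete();
    observer.assertValue(user -> user.getUsername().equals("username"));
    // NOTE(review): only the SUCCESS event is pinned. Whether the rejection by idp-1 should
    // also surface as a FAILURE event is not asserted here; confirm the intended audit trail.
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.SUCCESS), any());
}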
use of io.gravitee.am.identityprovider.api.Authentication in project gravitee-access-management by gravitee-io.
the class UserAuthenticationManagerTest method shouldAuthenticateUser_singleIdentityProvider_PasswordExipry.
/**
 * An expired password blocks the login even though the identity provider accepted the user.
 *
 * <p>The single stubbed provider returns a user named {@code "username"}, while
 * {@code passwordService.checkAccountPasswordExpiry} is stubbed to {@code true}. The test expects
 * the stream to fail with {@code AccountPasswordExpiredException} and exactly one
 * {@code AuthenticationEvent.FAILURE} to be published.
 */
@Test
public void shouldAuthenticateUser_singleIdentityProvider_PasswordExipry() {
    final Client application = new Client();
    application.setClientId("client-id");
    application.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1"));

    final IdentityProvider idp = new IdentityProvider();
    idp.setId("idp-1");

    // Provider that accepts any Authentication; credentials are not inspected by this stub.
    final AuthenticationProvider acceptingProvider = new AuthenticationProvider() {
        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    };

    // Minimal Authentication: principal only, no credentials and no context.
    final Authentication principalOnly = new Authentication() {
        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    };

    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(idp);
    // The expiry check reports the password as expired: this is the condition under test.
    when(passwordService.checkAccountPasswordExpiry(any(), any(), any())).thenReturn(true);
    // connect() maps the identity-provider user onto a domain user with the same username.
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User providerUser = invocation.getArgument(0);
        User connected = new User();
        connected.setUsername(providerUser.getUsername());
        return Single.just(connected);
    });
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(acceptingProvider));

    TestObserver<User> observer = userAuthenticationManager.authenticate(application, principalOnly).test();

    // Block until the stream terminates, then require the expiry error and the FAILURE event.
    observer.awaitTerminalEvent();
    observer.assertError(AccountPasswordExpiredException.class);
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.FAILURE), any());
}